Skip to content

Add scripts for Mac Bundle #7987

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
errodriguez wants to merge 4 commits into
base: develop
Choose a base branch
from
+116 −0
Open

Add scripts for Mac Bundle #7987

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
845fa5a
Merge pull request #7957 from markmckinnon/TSK-4.14.0
markmckinnon Apr 9, 2025
a756a04
Merge pull request #7959 from markmckinnon/Uprade-version-Number-to-4…
markmckinnon Apr 9, 2025
8b9f675
First commit. To create a macOS application
errodriguez Nov 3, 2025
451fa4f
Merge branch 'sleuthkit:develop' into fix-arm64-missing-lib
errodriguez Nov 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added autopsy.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
116 changes: 116 additions & 0 deletions macos-bundle.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
#! /usr/bin/env bash

Comment on lines +1 to +2
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail
rg -n 'set -euo pipefail|sips|iconutil|> /dev/null 2>&1' macos-bundle.sh

Repository: sleuthkit/autopsy

Length of output: 874

🏁 Script executed:

head -50 macos-bundle.sh | cat -n

Repository: sleuthkit/autopsy

Length of output: 1664

🏁 Script executed:

sed -n '80,100p' macos-bundle.sh | cat -n

Repository: sleuthkit/autopsy

Length of output: 1106

Top-level script lacks strict mode, and the icon block suppresses all tool output.

The macos-bundle.sh script has no set -euo pipefail at the top level, allowing silent failures. The icon generation block (lines 83–98) silently suppresses all output with > /dev/null 2>&1 and has no checks for required dependencies (autopsy.png, sips, iconutil). A missing source file or unavailable tool will produce a broken bundle without any error indication.

Proposed fix 
 #! /usr/bin/env bash
+set -euo pipefail
+

For lines 83–98:

 echo "Creating icon set..."
+[ -f "autopsy.png" ] || { echo "autopsy.png not found" >&2; exit 1; }
+command -v sips >/dev/null || { echo "sips is required" >&2; exit 1; }
+command -v iconutil >/dev/null || { echo "iconutil is required" >&2; exit 1; }
 mkdir -p tmp/autopsy.iconset
 ( 
 sips -z 16 16     autopsy.png --out tmp/autopsy.iconset/icon_16x16.png
@@ -94,7 +94,7 @@
 sips -z 512 512   autopsy.png --out tmp/autopsy.iconset/icon_512x512.png 
-) > /dev/null 2>&1
+)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
#! /usr/bin/env bash
#! /usr/bin/env bash
set -euo pipefail
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@macos-bundle.sh` around lines 1 - 2, Add strict mode to the top of
macos-bundle.sh by enabling set -euo pipefail and IFS handling, and update the
icon generation block (the section that references autopsy.png, sips and
iconutil) to stop suppressing stdout/stderr, validate that autopsy.png exists
and that sips and iconutil are available (use which/command -v checks), and
abort with a clear error message if any dependency or file is missing; ensure
the icon generation commands themselves return non-zero on failure so the script
exits under strict mode.

#
# macos-bundle.sh v1.0
#
# Create a "bundle" for the Autopsy 4 application.
#
# 2025.11.02.- Eduardo René Rodríguez Ávila, creation.

#
# Application name and path
#

echo "Creating app bundle..."
APP="$HOME/Applications/Autopsy.app"
mkdir -p "$APP/Contents/MacOS" "$APP/Contents/Resources/app"

#
# Info.plist
#

echo "Creating Info.plist..."
cat > "$APP/Contents/Info.plist" << EOT
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleName</key><string>Autopsy</string>
<key>CFBundleDisplayName</key><string>Autopsy</string>
<key>CFBundleIdentifier</key><string>mx.example.autopsy</string>
<key>CFBundleExecutable</key><string>autopsy-launcher</string>
<key>CFBundleIconFile</key><string>autopsy.icns</string>
<key>LSMinimumSystemVersion</key><string>13.0</string>
<key>NSHighResolutionCapable</key><true/>
</dict>
</plist>
EOT

#
# Launcher
#

echo "Creating launcher script..."
cat > "$APP/Contents/MacOS/autopsy-launcher" << EOT
#! /usr/bin/env bash
set -euo pipefail

# Resolve bundle paths
BUNDLE_DIR="\$(cd "\$(dirname "\$0")/.." && pwd)"
RESOURCES="\$BUNDLE_DIR/Resources"
APP_ROOT="\$RESOURCES/app"

# Prefer a JDK 17 if present; fall back to default
if [ -z "${JAVA_HOME:-}" ]; then
if /usr/libexec/java_home -v 17 >/dev/null 2>&1; then
export JAVA_HOME="$("/usr/libexec/java_home" -v 17)"
else
export JAVA_HOME="$("/usr/libexec/java_home" 2>/dev/null || true)"
fi
[ -n "${JAVA_HOME:-}" ] && export PATH="\$JAVA_HOME/bin:\$PATH"
fi

# Start from the app's root so relative paths work
cd "\$APP_ROOT"
exec "\$APP_ROOT/bin/autopsy"
EOT
Comment on lines +53 to +66
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

rg -n -C3 'jdkhome|--jdkhome|JAVA_HOME' \
  macos-bundle.sh \
  netbeans-plat/15/harness/launchers/app.sh \
  unix_setup.sh

rg -n '^[[:space:]]*#?[[:space:]]*jdkhome=' etc/autopsy.conf || true

Repository: sleuthkit/autopsy

Length of output: 3799

🏁 Script executed:

cat -n macos-bundle.sh | sed -n '1,90p'

Repository: sleuthkit/autopsy

Length of output: 3120

🏁 Script executed:

# Check the full context of how jdkhome is handled in app.sh
cat -n netbeans-plat/15/harness/launchers/app.sh | sed -n '80,110p'

Repository: sleuthkit/autopsy

Length of output: 873

🏁 Script executed:

# Search for any nbexec or java launcher documentation
fd -type f \( -name "*.md" -o -name "*.txt" -o -name "README*" \) | head -20

Repository: sleuthkit/autopsy

Length of output: 231

🏁 Script executed:

# Check if there's a default autopsy.conf to see typical jdkhome entries
fd -type f -name "autopsy.conf*"

Repository: sleuthkit/autopsy

Length of output: 231

🏁 Script executed:

# Search for autopsy.conf files
find . -name "*autopsy.conf*" -type f 2>/dev/null | head -20

Repository: sleuthkit/autopsy

Length of output: 97

🏁 Script executed:

# Check what bin/autopsy actually is
cat -n bin/autopsy | head -30

Repository: sleuthkit/autopsy

Length of output: 104

🏁 Script executed:

# Search for any netbeans nbexec documentation or comments about --jdkhome
rg -A2 -B2 'jdkhome' netbeans-plat/15/harness/launchers/ --type sh

Repository: sleuthkit/autopsy

Length of output: 1386

🏁 Script executed:

# Check the default autopsy.conf
cat installer_autopsy/etc/autopsy.conf

Repository: sleuthkit/autopsy

Length of output: 3517

🏁 Script executed:

# Search for where bin/autopsy gets created - it's likely from netbeans-plat
find . -path "*/bin/*" -type f | grep -E "(autopsy|launcher)" | head -20

Repository: sleuthkit/autopsy

Length of output: 229

🏁 Script executed:

# Check if app.sh actually uses JAVA_HOME or only jdkhome
rg -n 'JAVA_HOME|jdkhome' netbeans-plat/15/harness/launchers/app.sh | head -20

Repository: sleuthkit/autopsy

Length of output: 328

🏁 Script executed:

# Verify the rsync command at lines 76-77
cat -n macos-bundle.sh | sed -n '73,80p'

Repository: sleuthkit/autopsy

Length of output: 312

🏁 Script executed:

# Check if there's a template or mechanism to customize jdkhome in macos-bundle.sh
rg -n 'jdkhome|autopsy.conf' macos-bundle.sh

Repository: sleuthkit/autopsy

Length of output: 43

Remove stale jdkhome from config after bundle assembly.

The launcher carefully selects JAVA_HOME (preferring JDK 17), but bin/autopsy (which is the netbeans app.sh launcher) reads jdkhome from etc/autopsy.conf and passes --jdkhome to nbexec, overriding the launcher's selection. The copied config file contains jdkhome="jre", which will override the JAVA_HOME set at lines 54-61.

This mirrors the pattern in unix_setup.sh (lines 55-57), which removes jdkhome before setting a new value (though the comment notes this only works on Linux). The same cleanup is needed here after rsync copies the stale config.

Proposed fix 
 rsync -a --delete --exclude=".git" --exclude="target" \
   "$SRC/${autopsy,bin,etc}" "$APP/Contents/Resources/app/"
+
+# Prevent stale jdkhome from overriding launcher JAVA_HOME selection
+CONF="$APP/Contents/Resources/app/etc/autopsy.conf"
+if [ -f "$CONF" ]; then
+  awk '!/^[[:space:]]*jdkhome=/' "$CONF" > "$CONF.tmp"
+  mv "$CONF.tmp" "$CONF"
+fi
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@macos-bundle.sh` around lines 53 - 66, The copied etc/autopsy.conf contains a
stale jdkhome="jre" that will override the JAVA_HOME chosen by the launcher
(JAVA_HOME logic and exec "$APP_ROOT/bin/autopsy"); after the rsync/copy step in
macos-bundle.sh but before exec "$APP_ROOT/bin/autopsy", remove any existing
jdkhome entries from "$APP_ROOT/etc/autopsy.conf" (e.g. use sed -i or grep -v to
delete lines matching ^jdkhome=) so the launcher’s JAVA_HOME selection is not
overridden; ensure the removal targets the same file referenced by APP_ROOT and
is done on macOS-compatible sed/commands.


chmod u+x "$APP/Contents/MacOS/autopsy-launcher"

#
# Autopsy is copied
#

echo "Copyng application..."
SRC="$PWD" # Change if necessary
rsync -a --delete --exclude=".git" --exclude="target" \
"$SRC/${autopsy,bin,etc}" "$APP/Contents/Resources/app/"
Comment on lines +74 to +77
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

rg -n '\$\{autopsy,bin,etc\}' macos-bundle.sh

bash -lc 'unset autopsy; SRC=/tmp/src; printf "current=[%s]\n" "$SRC/${autopsy,bin,etc}"'
bash -lc 'SRC=/tmp/src; printf "expected=[%s]\n" "$SRC"/{autopsy,bin,etc}'

Repository: sleuthkit/autopsy

Length of output: 433

Fix invalid Bash expansion in the rsync source list and typo on line 74.

Line 77 uses ${autopsy,bin,etc} (parameter expansion), not brace expansion. When the autopsy variable is unset, this resolves to an empty value, causing rsync to sync only $SRC/ instead of the three required directories. Additionally, line 74 contains a typo: "Copyng" should be "Copying".

Proposed fix 
-echo "Copyng application..."
+echo "Copying application..."
 SRC="$PWD"  # Change if necessary
-rsync -a --delete   --exclude=".git"  --exclude="target" \
-  "$SRC/${autopsy,bin,etc}" "$APP/Contents/Resources/app/"
+for d in autopsy bin etc; do
+  [ -d "$SRC/$d" ] || { echo "Missing required directory: $SRC/$d" >&2; exit 1; }
+done
+rsync -a --delete --exclude=".git" --exclude="target" \
+  "$SRC/autopsy/" "$SRC/bin/" "$SRC/etc/" "$APP/Contents/Resources/app/"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
echo "Copyng application..."
SRC="$PWD" # Change if necessary
rsync -a --delete --exclude=".git" --exclude="target" \
"$SRC/${autopsy,bin,etc}" "$APP/Contents/Resources/app/"
echo "Copying application..."
SRC="$PWD" # Change if necessary
for d in autopsy bin etc; do
[ -d "$SRC/$d" ] || { echo "Missing required directory: $SRC/$d" >&2; exit 1; }
done
rsync -a --delete --exclude=".git" --exclude="target" \
"$SRC/autopsy/" "$SRC/bin/" "$SRC/etc/" "$APP/Contents/Resources/app/"
🧰 Tools
🪛 Shellcheck (0.11.0)

[warning] 77-77: autopsy is referenced but not assigned.

(SC2154)

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@macos-bundle.sh` around lines 74 - 77, The echo message has a typo ("Copyng")
and the rsync source uses invalid parameter expansion `${autopsy,bin,etc}` which
should be a brace-expanded list; update the echo to "Copying application..." and
change the rsync source to explicitly list the three directories (or use brace
expansion) so rsync copies "$SRC/autopsy" "$SRC/bin" "$SRC/etc" (or
"$SRC/{autopsy,bin,etc}") into "$APP/Contents/Resources/app/"; ensure variables
SRC and APP are used as in the original rsync command.


#
# Icon set
#

echo "Creating icon set..."
mkdir -p tmp/autopsy.iconset
(
sips -z 16 16 autopsy.png --out tmp/autopsy.iconset/icon_16x16.png
sips -z 32 32 autopsy.png --out tmp/autopsy.iconset/icon_16x16@2x.png
sips -z 32 32 autopsy.png --out tmp/autopsy.iconset/icon_32x32.png
sips -z 64 64 autopsy.png --out tmp/autopsy.iconset/icon_32x32@2x.png
sips -z 128 128 autopsy.png --out tmp/autopsy.iconset/icon_128x128.png
sips -z 256 256 autopsy.png --out tmp/autopsy.iconset/icon_128x128@2x.png
sips -z 256 256 autopsy.png --out tmp/autopsy.iconset/icon_256x256.png
sips -z 512 512 autopsy.png --out tmp/autopsy.iconset/icon_256x256@2x.png
sips -z 512 512 autopsy.png --out tmp/autopsy.iconset/icon_512x512.png
) > /dev/null 2>&1
cp autopsy.png tmp/autopsy.iconset/icon_512x512@2x.png
iconutil -c icns tmp/autopsy.iconset -o "$APP/Contents/Resources/autopsy.icns"

#
# Sign
#

echo -n "Signing application..."
codesign -s - --force --deep "$APP"
xattr -dr com.apple.quarantine "$APP"

#
# Final instrucctions
#

echo ""
echo "First time could be necessary to launch from terminal with:"
echo ""
echo "\$ open $APP"
echo ""
echo "after that it will appear in Spotlight"